New UEFI Secure Boot flaw exposes systems to bootkits

Posted by:
John Harrison
Tue, 21 Jan
0 Comment
Feature image

ESET has uncovered a critical bug in a UEFI application that allows hackers to bypass UEFI Secure Boot security measures. This loophole enables threat actors to deploy bootkits and compromise targeted systems. The vulnerable UEFI application, from various system recovery software providers, was identified by cybersecurity experts at ESET, prompting Microsoft to release a patch in the latest Patch Tuesday update in January 2025. Users are strongly advised to apply this patch promptly to safeguard their systems. The bug, identified as CVE-2024-7344, stems from a flawed custom PE loader implementation in place of the standard UEFI functions LoadImage and StartImage. While the fix was executed relatively promptly, the incident raises concerns about the prevalence of such security risks in third-party UEFI software. ESET warns that the impact extends beyond systems with the affected recovery software, meaning any UEFI system with the Microsoft third-party UEFI certificate could be at risk. This discovery underscores the importance of vigilance in maintaining system security against evolving cyber threats.

Tags:

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments